GDPR & Privacy Policy

Your Privacy Matters to Us

This Privacy Policy explains how CPAPmask.eu collects, uses, stores and protects personal data when you visit our website, create an account, place an order or contact our team.

Your Rights Contact Us Cookie Policy
GDPR Aligned
No Data Selling
Secure Checkout
EU Business

Who We Are

CPAPmask.eu is operated by CPAP STORE GP, a company established in Greece.

🏒

Data Controller

The data controller responsible for this website is:

  • CPAP STORE GP
  • Registration number: 801790670
  • 105 Sokratous, Kallithea 17672, Greece
  • Email: support@cpapmask.eu
πŸ›‘οΈ

Our Privacy Commitment

We do not sell your personal data. We only process personal data when needed to operate our website, manage orders, provide customer support, meet legal obligations, improve our services or send marketing communications where permitted.

Last Updated

This Privacy Policy was last revised on June 01, 2024. It applies to visitors, customers and registered users of CPAPmask.eu.

What Personal Data We Collect

We collect only the information required to provide our services, process orders, support customers and comply with legal obligations.

πŸ‘€

Identity & Contact Data

  • Name and surname
  • Billing and shipping address
  • Email address
  • Phone number
  • Order notes provided by you
🧾

Order & Invoice Data

  • Products ordered
  • Order history
  • Invoice details
  • VAT number, where applicable
  • Payment method used
πŸ’»

Technical Data

  • IP address
  • Device and browser type
  • Pages visited
  • Referring URL
  • Date and time of access

Why We Use Your Data

We process personal data for clear and limited business purposes.

Purpose Examples Legal Basis
Order fulfilment Processing your order, shipping products, sending order updates and invoices. Contract performance
Customer support Answering product questions, order questions, returns, warranty or compatibility support. Contract performance / legitimate interest
Legal and tax obligations Accounting, invoicing, tax records and product traceability where applicable. Legal obligation
Marketing communications Newsletters, offers, abandoned cart reminders or product updates where permitted. Consent or legitimate interest, where allowed
Website security and analytics Protecting the website, preventing abuse, improving user experience and measuring performance. Legitimate interest / consent for non-essential cookies

Medical Product Traceability

Because CPAP products are medical-related products, certain order and product information may be stored in our ERP system for product traceability, warranty, accounting and legal compliance purposes.

  • Order history may be kept for up to 10 years where required.
  • Invoice and tax data may be retained according to applicable accounting and tax laws.
  • Product traceability data may be kept where required for medical device compliance.

Who We Share Data With

We share personal data only with trusted service providers when necessary for our business operations.

Service Providers

  • Payment gateways such as PayPal, Mollie or Stripe
  • Courier companies such as DHL, UPS, ACS, Geniki Courier or postal services
  • Email and marketing platforms such as MailerLite or Mailchimp
  • Shipment tracking tools such as Aftership or Aftersalespro
  • Hosting and security providers such as FastComet and Cloudflare
  • Accounting and tax service providers

Logistics Support

In some cases, and only where needed for order fulfilment or support, CPAP Store Ltd, located at 9 Tsar Boris III, Petrich, Bulgaria, may assist with stock handling, logistics or shipment processing. CPAP STORE GP and CPAP Store Ltd operate under related management, which helps us coordinate customer support and logistics more efficiently. When sharing order details with CPAP Store Ltd is necessary, we will request confirmation from the customer before sharing the required order information.

Payments

We do not store full card details on our website.

Payments are processed through secure third-party payment providers such as PayPal, Mollie or Stripe. These providers process payment information according to their own security and privacy standards. After successful payment, customers are redirected back to our website order confirmation page.

Cookies, Analytics & Advertising

Our website may use cookies and similar technologies for essential website functions, analytics, advertising, security and user experience improvement.

Analytics & Advertising Tools

  • Google Analytics
  • Google Ads
  • Microsoft Advertising
  • Facebook / Instagram tools, where active
  • Other performance and marketing tools

Cookie Control

Non-essential cookies should only be used according to your cookie preferences. You can manage or withdraw cookie consent through the cookie banner or browser settings.

Read Cookie Policy

Data Security

We use technical and organisational measures to protect your personal data.

πŸ”’

Secure Website

Our website uses SSL encryption to protect data transmitted between your browser and our website.

πŸ§‘β€πŸ’Ό

Limited Access

Access to customer data is limited to authorised team members and trusted providers where necessary.

πŸ–₯️

EU Hosting

Our primary website data and hosting infrastructure are located in Germany, within the European Union.

Your GDPR Rights

Under the GDPR, you have rights regarding your personal data. You may contact us at support@cpapmask.eu to exercise these rights.

  • Right of access to your personal data
  • Right to correct inaccurate data
  • Right to request deletion, where applicable
  • Right to restrict processing, where applicable
  • Right to data portability, where applicable
  • Right to object to processing, where applicable
  • Right to withdraw consent for marketing or optional cookies

How Long We Keep Data

We keep personal data only for as long as needed for the purposes described in this policy.

Customer Accounts

Account data may be stored while your account remains active. You may request account deletion, unless we need to keep specific data for legal, tax, warranty or product traceability reasons.

Orders, Invoices & ERP Records

Order, invoice and ERP records may be retained for up to 10 years or longer where required by applicable tax, accounting, legal or medical device traceability obligations.

Right to Complain

If you believe your personal data rights have been violated, you may contact us first at support@cpapmask.eu. You also have the right to lodge a complaint with the Hellenic Data Protection Authority, Kifissias 1-3, 115 23 Athens, Greece, telephone +30 210 6475600, email contact@dpa.gr.

Privacy Policy FAQ

Do you sell personal data?

No. CPAPmask.eu does not sell personal data.

Do you store my payment card details?

No. Payments are handled by secure third-party payment providers such as PayPal, Mollie or Stripe. We do not store full card details on our website.

Why do you keep order data?

Order data may be needed for order fulfilment, customer support, invoices, accounting, tax obligations, warranty handling and medical product traceability.

Can I unsubscribe from marketing emails?

Yes. You can unsubscribe using the unsubscribe link in our emails or contact us at support@cpapmask.eu.

Can I request deletion of my account?

Yes. You may request deletion of your account. Some order, invoice or legal records may still need to be retained where required by law.

Questions About Your Data?

Contact us if you have questions about this Privacy Policy or if you want to exercise your GDPR rights.

Email Support Contact Page Cookie Policy